CVE-2010-4168 - Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to

CVE-2010-4168

Summary

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp.

References

Vulnerable Configurations

cpe:2.3:a:openttd:openttd:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.1:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.1:rc2:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.2:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.2:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.3:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.3:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.4:rc1:*:*:*:*:*:*
cpe:2.3:a:openttd:openttd:1.0.4:rc1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 02-02-2024 - 16:40)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	44844
confirm	http://security.openttd.org/en/CVE-2010-4168 http://security.openttd.org/en/patch/28.patch http://vcs.openttd.org/svn/changeset/21182
fedora	FEDORA-2010-18571 FEDORA-2010-18572
mlist	[oss-security] 20101114 CVE request for OpenTTD [oss-security] 20101115 Re: CVE request for OpenTTD
secunia	42578
vupen	ADV-2010-2985 ADV-2010-3199

Last major update

02-02-2024 - 16:40

Published

17-11-2010 - 16:00

Last modified

02-02-2024 - 16:40